A data processing agreement (DPA) governs, under Article 28 of the GDPR, how a service provider processes personal data on behalf of a company.
A data processing agreement (DPA, German Auftragsverarbeitungsvertrag / AVV) is a contract required under Article 28 of the GDPR. It governs how a service provider processes personal data on behalf of a company.
Whenever an external service provider processes personal data on your behalf, such as a cloud provider. The commissioning company remains responsible towards the data subjects.
SecureCloud provides a DPA as part of the offering and processes data GDPR-compliantly in Germany. This lets companies meet their obligations as controllers demonstrably.
Yes. As soon as a service provider processes personal data on your behalf, a data processing agreement under Article 28 of the GDPR is required.
The commissioning company remains the controller under the GDPR. The service provider is the processor and acts on instructions.
Yes. A data processing agreement is part of the SecureCloud offering.
Unsere Experten beantworten Ihnen gerne alle Fragen.